Senior Identity & Access GRC Engineer
Vodafone
full-time
Posted on:
Location Type: Hybrid
Location: Romania
Visit company websiteExplore more
Job Level
Tech Stack
About the role
- Define IAM governance framework, standards and control structure
- Design IAM operational model
- Translate IAM policies and standards into applicable technical controls
- Design and maintain enterprise-wide RBAC models aligned with business roles and risk levels
- Define and enforce Segregation of Functions (SoD) controls
- Establish Key Risk Indicators (KRIs) and control effectiveness metrics
- Maintain IAM documentation and record repository
- Create an IAM maturity roadmap
- Ensure alignment with Zero Trust principles
- Design and optimize Joiner Mover Leaver processes
- Ensure automatic provisioning and revocation of access in critical systems
- Reduce accounts orphaned, inactive, and overprivileged
- Integrate IAM with authoritative sources (HR and identity sources)
- Define SLAs for deprovisioning and monitor compliance
- Establish access recertification governance
- Define governance framework for Privileged Access Management (PAM)
- Reduce permanent administrative privileges
- Implement Just in Time (JIT) and least privilege / Just Enough Access (JEA) principles
- Ensure privileged session monitoring and logging controls
- Coordinate with CSOC for identity-based detection cases
- Ensure MFA enforcement for critical systems and high-risk users
- Validate SSO and federation configurations
- Define authentication assurance levels based on risk
- Align identity controls with Zero Trust principles
- Ensure alignment IAM with:
- o NIS2
- o ISO 27001
- o GDPR
- o Internal Security Policies
- Support for internal and external audits
- Provide IAM records and remediation plans
- Track and remediate IAM non-conformities
- Assess the health of IAM/IdM platforms and lifecycle risks (EOL/EOS)
- Identify coverage gaps in applications and cloud environments
- Propose a modernization and improvement roadmap
- Lead the integration of new systems in the IAM area
- Close collaboration with:
- o IT Operations
- o Network Operations
- o HR
- o Application Owners
- o Cloud & DevOps Teams
- o CSOC
- o Business teams
- Act as SME in the identity area during security incidents
- Ensure the inclusion of identity risks in the enterprise risk register
Requirements
- 5–8+ years of experience in IAM or Identity Governance
- Experience in building or transforming IAM capabilities
- Hands-on experience with enterprise IAM platforms (SailPoint, Saviynt, OneIdentity, Okta, Microsoft Entra ID)
- Experience with PAM solutions (CyberArk, BeyondTrust)
- Strong knowledge of:
- o RBAC / ABAC
- o Segregation of Functions (SoD)
- o SAML, OAuth2, OIDC
- o LDAP / Active Directory
- o MFA and conditional access policies
- Experience in regulated environments (telecom, financial, utilities – preferred)
- Experience in supporting audit and compliance programs
Benefits
- Hybrid working regime 2 days from the office, 3 days remote
- Special discounts for Vodafone employees, Friends & Family offers
- Demo telephone subscription - unlimited (voice and data)
- Voucher for the purchase of a mobile phone
- Medical subscription to a top private clinic & other medical benefits
- Insurance for hospitalization and surgical interventions
- Life insurance
- Meal tickets
- Bookster subscription
- Participation in development programs and challenging projects in the leadership area
- Access to internal Wellbeing & Recognition events
- Extra vacation days (for seniority, special events, volunteering)
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
IAM governance frameworkRBACSegregation of FunctionsKey Risk IndicatorsJust in Timeleast privilegeauthentication assurance levelsSAMLOAuth2OIDC
Soft Skills
collaborationleadershipcommunicationorganizational skillsproblem-solving
Certifications
ISO 27001GDPRNIS2